Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
awilliam
GitHub Repository: awilliam/linux-vfio
 Path: blob/master/include/keys/rxrpc-type.h
10817 views
1
/* RxRPC key type

2
 *

3
 * Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.

4
 * Written by David Howells ([email protected])

5
 *

6
 * This program is free software; you can redistribute it and/or

7
 * modify it under the terms of the GNU General Public License

8
 * as published by the Free Software Foundation; either version

9
 * 2 of the License, or (at your option) any later version.

10
 */

11


12
#ifndef _KEYS_RXRPC_TYPE_H

13
#define _KEYS_RXRPC_TYPE_H

14


15
#include <linux/key.h>

16


17
/*

18
 * key type for AF_RXRPC keys

19
 */

20
extern struct key_type key_type_rxrpc;

21


22
extern struct key *rxrpc_get_null_key(const char *);

23


24
/*

25
 * RxRPC key for Kerberos IV (type-2 security)

26
 */

27
struct rxkad_key {

28
	u32	vice_id;

29
	u32	start;			/* time at which ticket starts */

30
	u32	expiry;			/* time at which ticket expires */

31
	u32	kvno;			/* key version number */

32
	u8	primary_flag;		/* T if key for primary cell for this user */

33
	u16	ticket_len;		/* length of ticket[] */

34
	u8	session_key[8];		/* DES session key */

35
	u8	ticket[0];		/* the encrypted ticket */

36
};

37


38
/*

39
 * Kerberos 5 principal

40
 *	name/name/name@realm

41
 */

42
struct krb5_principal {

43
	u8	n_name_parts;		/* N of parts of the name part of the principal */

44
	char	**name_parts;		/* parts of the name part of the principal */

45
	char	*realm;			/* parts of the realm part of the principal */

46
};

47


48
/*

49
 * Kerberos 5 tagged data

50
 */

51
struct krb5_tagged_data {

52
	/* for tag value, see /usr/include/krb5/krb5.h

53
	 * - KRB5_AUTHDATA_* for auth data

54
	 * - 

55
	 */

56
	s32		tag;

57
	u32		data_len;

58
	u8		*data;

59
};

60


61
/*

62
 * RxRPC key for Kerberos V (type-5 security)

63
 */

64
struct rxk5_key {

65
	u64			authtime;	/* time at which auth token generated */

66
	u64			starttime;	/* time at which auth token starts */

67
	u64			endtime;	/* time at which auth token expired */

68
	u64			renew_till;	/* time to which auth token can be renewed */

69
	s32			is_skey;	/* T if ticket is encrypted in another ticket's

70
						 * skey */

71
	s32			flags;		/* mask of TKT_FLG_* bits (krb5/krb5.h) */

72
	struct krb5_principal	client;		/* client principal name */

73
	struct krb5_principal	server;		/* server principal name */

74
	u16			ticket_len;	/* length of ticket */

75
	u16			ticket2_len;	/* length of second ticket */

76
	u8			n_authdata;	/* number of authorisation data elements */

77
	u8			n_addresses;	/* number of addresses */

78
	struct krb5_tagged_data	session;	/* session data; tag is enctype */

79
	struct krb5_tagged_data *addresses;	/* addresses */

80
	u8			*ticket;	/* krb5 ticket */

81
	u8			*ticket2;	/* second krb5 ticket, if related to ticket (via

82
						 * DUPLICATE-SKEY or ENC-TKT-IN-SKEY) */

83
	struct krb5_tagged_data *authdata;	/* authorisation data */

84
};

85


86
/*

87
 * list of tokens attached to an rxrpc key

88
 */

89
struct rxrpc_key_token {

90
	u16	security_index;		/* RxRPC header security index */

91
	struct rxrpc_key_token *next;	/* the next token in the list */

92
	union {

93
		struct rxkad_key *kad;

94
		struct rxk5_key *k5;

95
	};

96
};

97


98
/*

99
 * structure of raw payloads passed to add_key() or instantiate key

100
 */

101
struct rxrpc_key_data_v1 {

102
	u16		security_index;

103
	u16		ticket_length;

104
	u32		expiry;			/* time_t */

105
	u32		kvno;

106
	u8		session_key[8];

107
	u8		ticket[0];

108
};

109


110
/*

111
 * AF_RXRPC key payload derived from XDR format

112
 * - based on openafs-1.4.10/src/auth/afs_token.xg

113
 */

114
#define AFSTOKEN_LENGTH_MAX		16384	/* max payload size */

115
#define AFSTOKEN_STRING_MAX		256	/* max small string length */

116
#define AFSTOKEN_DATA_MAX		64	/* max small data length */

117
#define AFSTOKEN_CELL_MAX		64	/* max cellname length */

118
#define AFSTOKEN_MAX			8	/* max tokens per payload */

119
#define AFSTOKEN_BDATALN_MAX		16384	/* max big data length */

120
#define AFSTOKEN_RK_TIX_MAX		12000	/* max RxKAD ticket size */

121
#define AFSTOKEN_GK_KEY_MAX		64	/* max GSSAPI key size */

122
#define AFSTOKEN_GK_TOKEN_MAX		16384	/* max GSSAPI token size */

123
#define AFSTOKEN_K5_COMPONENTS_MAX	16	/* max K5 components */

124
#define AFSTOKEN_K5_NAME_MAX		128	/* max K5 name length */

125
#define AFSTOKEN_K5_REALM_MAX		64	/* max K5 realm name length */

126
#define AFSTOKEN_K5_TIX_MAX		16384	/* max K5 ticket size */

127
#define AFSTOKEN_K5_ADDRESSES_MAX	16	/* max K5 addresses */

128
#define AFSTOKEN_K5_AUTHDATA_MAX	16	/* max K5 pieces of auth data */

129


130
#endif /* _KEYS_RXRPC_TYPE_H */

131


132